1. 程式人生 > >12.Nginx介紹,安裝,配置默認虛擬主機,重定向

12.Nginx介紹,安裝,配置默認虛擬主機,重定向

Nginx介紹 Nginx安裝 配置默認虛擬主機

[toc]

12.5 Nginx介紹

官網:nginx.org

因為nginx處理靜態文件的能力要比apache好很多,所以很多企業在建站的時候一般都是用java寫的,然後會選擇tomcat,但是tomcat處理靜態文件的能力不是太好就會疊加選擇nginx。

nginx特點:

體積小
處理能力強
並發高
可擴展性好
Nginx應用場景:
web服務
反向代理
負載均衡
Nginx著名分支,淘寶基於Nginx開發的Tengine,使用上和Nginx一致,服務名,配置文件名都一樣,和Nginx的最大區別在於Tenging增加了一些定制化模塊,在安全限速方面表現突出,另外它支持對js,css合並
Nginx核心+lua(開發語言)相關的組件和模塊組成了一個支持lua的高性能web容器openresty,參考http://jinnianshilongnian.iteye.com/blog/2280928 

12.6 下載配置安裝Nginx

1.下載解壓

[root@xavi php-5.6.30]# cd /usr/local/src
[root@xavi src]# wget http://nginx.org/download/nginx-1.12.1.tar.gz
[root@xavi src]# tar zvxf nginx-1.12.1.tar.gz

2.進入安裝源碼包,配置,make&make install

[root@xavi src]# cd nginx-1.12.1/
[root@xavi nginx-1.12.1]# ./configure --prefix=/usr/local/nginx

Nginx目錄,四個目錄: conf , html , logs , sbin

  • [ ] conf:nginx配置文件

  • [ ] html:主頁樣例文件

  • [ ] logs:站點日誌

  • [ ] sbin:核心進程文件
[root@xavi nginx-1.12.1]# ls /usr/local/nginx
conf  html  logs  sbin

[root@xavi nginx-1.12.1]# ls /usr/local/nginx/conf
fastcgi.conf            koi-utf             nginx.conf           uwsgi_params
fastcgi.conf.default    koi-win             nginx.conf.default   uwsgi_params.default
fastcgi_params          mime.types          scgi_params          win-utf
fastcgi_params.default  mime.types.default  scgi_params.default

[root@xavi nginx-1.12.1]# ls /usr/local/nginx/html
50x.html  index.html

[root@xavi nginx-1.12.1]# ls /usr/local/nginx/logs/

[root@xavi nginx-1.12.1]# ls /usr/local/nginx/sbin/
nginx
[root@xavi nginx-1.12.1]# ls /usr/local/nginx/sbin/nginx
/usr/local/nginx/sbin/nginx

測試配置語法錯誤nginx -t

[root@xavi nginx-1.12.1]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

3.Nginx配置

3.1 制作啟動腳本

[root@xavi nginx-1.12.1]# vim /etc/init.d/nginx
//增加以下內容:

#!/bin/bash
# chkconfig: - 30 21
# description: http service.
# Source Function Library
. /etc/init.d/functions
# Nginx Settings
NGINX_SBIN="/usr/local/nginx/sbin/nginx"
NGINX_CONF="/usr/local/nginx/conf/nginx.conf"
NGINX_PID="/usr/local/nginx/logs/nginx.pid"
RETVAL=0
prog="Nginx"
start() 
{
    echo -n $"Starting $prog: "
    mkdir -p /dev/shm/nginx_temp
    daemon $NGINX_SBIN -c $NGINX_CONF
    RETVAL=$?
    echo
    return $RETVAL
}
stop() 
{
    echo -n $"Stopping $prog: "
    killproc -p $NGINX_PID $NGINX_SBIN -TERM
    rm -rf /dev/shm/nginx_temp
    RETVAL=$?
    echo
    return $RETVAL
}
reload()
{
    echo -n $"Reloading $prog: "
    killproc -p $NGINX_PID $NGINX_SBIN -HUP
    RETVAL=$?
    echo
    return $RETVAL
}
restart()
{
    stop
    start
}
configtest()
{
    $NGINX_SBIN -c $NGINX_CONF -t
    return 0
}
case "$1" in
  start)
        start
        ;;
  stop)
        stop
        ;;
  reload)
        reload
        ;;
  restart)
        restart
        ;;
  configtest)
        configtest
        ;;
  *)
        echo $"Usage: $0 {start|stop|reload|restart|configtest}"
        RETVAL=1
esac
exit $RETVAL

3.2 更改權限

chmod 755 /etc/init.d/nginx

3.3 配置開機啟動

chkconfig --add nginx

chkconfig nginx on

[root@xavi nginx-1.12.1]# chmod 755 /etc/init.d/nginx

[root@xavi nginx-1.12.1]# chkconfig --add nginx

[root@xavi nginx-1.12.1]# chkconfig nginx on

3.4 編輯配置文件

cd /usr/local/nginx/conf/

mv nginx.conf nginx.conf.bak //不使用系統自帶的配置模板,把自帶的備份下

vim nginx.conf
//拷貝如下配置文件:

user nobody nobody;
worker_processes 2;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
events
{
    use epoll;
    worker_connections 6000;
}
http
{
    include mime.types;
    default_type application/octet-stream;
    server_names_hash_bucket_size 3526;
    server_names_hash_max_size 4096;
    log_format combined_realip ‘$remote_addr $http_x_forwarded_for [$time_local]‘
    ‘ $host "$request_uri" $status‘
    ‘ "$http_referer" "$http_user_agent"‘;
    sendfile on;
    tcp_nopush on;
    keepalive_timeout 30;
    client_header_timeout 3m;
    client_body_timeout 3m;
    send_timeout 3m;
    connection_pool_size 256;
    client_header_buffer_size 1k;
    large_client_header_buffers 8 4k;
    request_pool_size 4k;
    output_buffers 4 32k;
    postpone_output 1460;
    client_max_body_size 10m;
    client_body_buffer_size 256k;
    client_body_temp_path /usr/local/nginx/client_body_temp;
    proxy_temp_path /usr/local/nginx/proxy_temp;
    fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
    fastcgi_intercept_errors on;
    tcp_nodelay on;
    gzip on;
    gzip_min_length 1k;
    gzip_buffers 4 8k;
    gzip_comp_level 5;
    gzip_http_version 1.1;
    gzip_types text/plain application/x-javascript text/css text/htm 
    application/xml;
    server
    {
        listen 80;
        server_name localhost;
        index index.html index.htm index.php;
        root /usr/local/nginx/html;
        location ~ \.php$ 
        {
            include fastcgi_params;
            fastcgi_pass unix:/tmp/php-fcgi.sock;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
        }    
    }
}

3.5 配置詳解:

參考文章:http://www.okay686.cn/510.html

user nobody nobody; 運行服務的用戶是誰

worker_processes 2;定義子進程的數量

worker_rlimit_nofile
51200;最多可以打開多少個文件

worker_connections 6000;允許最大的連接數

server; 下面對應的就是虛擬主機配置

server_name localhost;定義網站的域名

root /usr/local/nginx/html;定義網站的根目錄

location ~ .php$;配置解析PHP

fastcgi_pass unix:/tmp/php-fcgi.sock;監聽端口或者監聽socket,通過此命令去執行

fastcgi_pass 127.0.0.1:9000;(或者攜程這種方式,服務器IP地址+端口)

3.6 啟動nginx服務

[root@xavi conf]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@xavi conf]# /etc/init.d/nginx start
Starting nginx (via systemctl):                            [  確定  ]
[root@xavi conf]# ps aux |grep nginx
root     124541  0.0  0.0  20500   628 ?        Ss   00:11   0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody   124542  0.0  0.1  25028  3508 ?        S    00:11   0:00 nginx: worker process
nobody   124543  0.0  0.1  25028  3248 ?        S    00:11   0:00 nginx: worker process
root     124553  0.0  0.0 112680   976 pts/0    S+   00:11   0:00 grep --color=auto nginx

3.7 curl localhost //本地測試 nginx

技術分享圖片

vim /usr/local/nginx/html/1.php //編輯一個測試php頁面

技術分享圖片

[root@xavi conf]# curl localhost/1.php
this is nginx test page[root@xavi conf]# 

12.7 Nginx默認虛擬主機

在Nginx中也有默認虛擬主機,跟httpd類似,第一個被Nginx加載的虛擬主機就是默認主機,但和httpd不相同的地方是,它還有一個配置用來標記默認虛擬主機,也就是說,如果沒有這個標記,第一個虛擬主機為默認虛擬主機。

1.編輯修改配置文件nginx.conf,增加一句: include vhost/*.conf;

[root@xavi ~]# cd /usr/local/nginx/conf/
[root@xavi conf]# vim /usr/local/nginx/conf/nginx.conf
 加入這行:include vhost/*.conf;

加入這行,意思是/usr/local/nginx/conf/vhost/下面所有以.conf結尾的文件都會加載,這樣可以把所有虛擬主機配置文件放到vhost目錄下面了

2.把server的定義刪除,為方便後續實驗

技術分享圖片

技術分享圖片

3.創建一個vhost的子目錄

技術分享圖片

[root@xavi conf]# pwd
/usr/local/nginx/conf
[root@xavi conf]# mkdir vhost
[root@xavi conf]# cd vhost/
[root@xavi vhost]# ls

[root@xavi vhost]# vim aaa.com.conf

4 創建創建vhost目錄及配置文件and虛擬server

有這個default_server標記的就是默認虛擬主機

server
    {
        listen 80 default_server; //有這個default_server標記的就是默認虛擬主機
        server_name aaa.com;
        index index.html index.htm index.php;
        root /data/wwwroot/default;
    }

技術分享圖片

5. 創建測試頁面 index.html

[root@xavi vhost]# cd /data/wwwroot/default/
[root@xavi default]# ls
[root@xavi default]# vim index.html
[root@xavi default]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

技術分享圖片

6. 重載並測試

[root@xavi default]# /usr/local/nginx/sbin/nginx -s reload
[root@xavi default]# curl localhost
this is the default site.

7.訪問aaa.com,訪問沒有定義過的域名,也會訪問到aaa.com

[root@xavi default]# curl -x127.0.0.1:80 aaa.com
this is the default site.
[root@xavi default]# curl -x127.0.0.1:80 bbb.com
this is the default site.
[root@xavi default]# curl -x127.0.0.1:80 bbcb.com
this is the default site.
[root@xavi default]# tail /usr/local/nginx/conf/nginx.conf
    tcp_nodelay on;
    gzip on;
    gzip_min_length 1k;
    gzip_buffers 4 8k;
    gzip_comp_level 5;
    gzip_http_version 1.1;
    gzip_types text/plain application/x-javascript text/css text/htm 
    application/xml;
    include vhost/*.conf;
}

12.8 Nginx用戶認證

1. 再創建一個新的虛擬主機

[root@xavi default]# cd /usr/local/nginx/conf/vhost/
[root@xavi vhost]# vim test.com.conf

server
{
   listen 80;                  
   server_name test.com;
   index index.html index.htm index.php;
   root /data/nginx/test.com;

   location /     //用戶認證等信息
     {
       auth_basic         "Auth";
       auth_basic_user_file /usr/local/nginx/conf/htpasswd;  //密碼文件
     }
}

2. yum install -y httpd //安裝httpd,也可以使用之前編譯安裝的apache2.4

[root@xavi vhost]# htpasswd -c /usr/local/nginx/conf/htpasswd xavi //創建xavi用戶
New password: 
Re-type new password: 
Adding password for user xavi

Apache方法:# /usr/local/apache2.4/bin/htpasswd -c /usr/local/nginx/conf/htpasswd xavi

再次創建一個新用戶,不用再用-c了

[root@xavi vhost]# htpasswd /usr/local/nginx/conf/htpasswd user1
New password:
  • 查看密碼文件
    [root@xavi vhost]# cat /usr/local/nginx/conf/htpasswd
    xavi:$apr1$mzzjFU/B$/il2XbQfytr2RPw/LuRdH0
    user1:$apr1$2tDxaHTk$Imu4zmH68YrUtK0h7l2.p.

    3.測試並重載配置

/usr/local/nginx/sbin/nginx -t

/usr/local/nginx/sbin/nginx -s reload

[root@xavi vhost]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@xavi vhost]# /usr/local/nginx/sbin/nginx -s reload

4.總結:兩句核心配置語句,auth_basic打開認證,auth_basic_user_file指定用戶密碼文件。生成密碼工具需要借助apache的htpasswd。Nginx不自帶這個工具。

5.使用curl命令來驗證

[root@xavi vhost]# curl -x127.0.0.1:80 test.com -I
HTTP/1.1 401 Unauthorized
Server: nginx/1.12.1
Date: Wed, 14 Mar 2018 13:47:04 GMT
Content-Type: text/html
Content-Length: 195
Connection: keep-alive
WWW-Authenticate: Basic realm="Auth"
//401狀態碼,說明訪問需要驗證

6.用戶認證測試主機

[root@xavi vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>

報錯404,找到原料文件路徑並未創建

[root@xavi vhost]# ls /data/nginx/test.com/
ls: 無法訪問/data/nginx/test.com/: 沒有那個文件或目錄
[root@xavi vhost]# mkdir -p /data/nginx/test.com
[root@xavi vhost]# echo "test.com" > /data/nginx/test.com/index.html
[root@xavi vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com
test.com

7.針對某個目錄做用戶認證,比如/admin,需要修改location後面的路徑

有時候我們需要對某個訪問目錄或者頁面進行認證,而不是全站。所以我們需要對配置文件進行更改:

[root@xavi vhost]# vim test.com.conf

server
{
   listen 80;
   server_name test.com;
   index index.html index.htm index.php;
   root /data/nginx/test.com;

   location /admin/
     {
       auth_basic         "Auth";
       auth_basic_user_file /usr/local/nginx/conf/htpasswd;
     }
}

技術分享圖片

[root@xavi vhost]# vim test.com.conf
[root@xavi vhost]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@xavi vhost]# /usr/local/nginx/sbin/nginx -s reload

[root@xavi vhost]# curl -x127.0.0.1:80 test.com
test.com
[root@xavi vhost]# curl -x127.0.0.1:80 test.com/admin/
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>

排故過程:對摸個目錄做用戶認證,該目錄是有效的路徑,實際存在,且目錄下的測試文檔index.html下需要編輯一定內容,方便查看測試結果

[root@xavi vhost]# curl -x127.0.0.1:80 test.com
test.com
[root@xavi vhost]# curl -x127.0.0.1:80 test.com/admin/
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[root@xavi vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com/admin/
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[root@xavi vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com
test.com
[root@xavi vhost]# mkdir /data/nginx/test.com/admin
[root@xavi vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com
test.com
[root@xavi vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com/admin/
<html>
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[root@xavi vhost]# echo "test admin dir" > /data/nginx/test.com/admin/index.html
[root@xavi vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com/admin/
test admin dir

8. 針對某個特殊頁面進行認證:


   location ~ admin.php
     {
       auth_basic         "Auth";
       auth_basic_user_file /usr/local/nginx/conf/htpasswd;
     }
}

技術分享圖片

* 重載配置文件 -t&-reload

[root@xavi vhost]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@xavi vhost]# /usr/local/nginx/sbin/nginx -s reload

測試

[root@xavi vhost]# curl -x127.0.0.1:80 test.com/admin/
test admin dir

排查錯誤:找到原因是沒有創建admin.php文件

[root@xavi vhost]# curl -x127.0.0.1:80 test.com/admin.php
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[root@xavi vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com/admin.php
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[root@xavi vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com/admin.php
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[root@xavi vhost]# vim /data/nginx/test.com/admin.php
[root@xavi vhost]# curl -uxavi:xavi2018 -x127.0.0.1:80 test.com/admin.php
<?php
echo "this is a test for admin.php";

12.9 Nginx域名重定向

Nginx的域名重定向與httpd類似,但更容易理解
只要Apache能實現的功能,Nginx也全部可以實現。不然也不會有那麽多企業使用nginx服務。

當我們站點有多個域名的時候,權重降低了,但是之前的域名已經被一部分人所依賴了,也不可能去通知大家新的站點,所以我們就會選擇一個主域名其它的均302跳轉過來!

1. 配置atorreid.com.conf

vim atorreid.com.conf

server
{
    listen 80 default_server;
    server_name atorreid.com xavi.com abc.com;
    index index.html index.htm index.php;
    root /data/nginx/www.torreid.com;
    if ($host != ‘torreid.com‘ ) {
        rewrite  ^/(.*)$  http://torreid.com/$1  permanent;

     location /
     {
       auth_basic         "Auth";
       auth_basic_user_file /usr/local/nginx/conf/htpasswd;
     }
}

在Nginx配置在,server_name後面可以跟多個域名,permanent為永久重定向,相當於httpd的R=301.另外還有一個常用的redirect,相當於httpd的R=302.

-t && -s reload 測試並重載配置

[root@xavi vhost]# curl -x127.0.0.1:80 www.atorreid.com/index.html -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.1
Date: Wed, 14 Mar 2018 15:03:15 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://torreid.com/index.html

12.Nginx介紹,安裝,配置默認虛擬主機,重定向